Update Buildroot to 2019.02.3 (#415)

* Update Buildroot to 2019-02.3

* Fix enter script

* Update ova_defconfig

* Fix network manager

* Remove runc patches

* Use same docker version

* Fix build

* Fix vmtools

* Fix depens

* Fix handling with tempfiles

* Fix permission handling

* Fix cp

* Cleanup

* Fix mounts

buildroot/package/mender/0001-FIX-Enabling-compiling-ppc64le.patch

@@ -1,37 +0,0 @@
-From 2b13f9a50793fdc15199925000107cb0cc4e7bad Mon Sep 17 00:00:00 2001
-From: Angelo Compagnucci <angelo@amarulasolutions.com>
-Date: Thu, 9 Aug 2018 09:28:06 +0200
-Subject: [PATCH] FIX: Enabling compiling ppc64le
-
-This patch enables Mender compilation on ppc64le
-
-Changelog: FIX: Enabling compiling ppc64le
-
-Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
-Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com>
----
- ioctl_64_bit.go | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/ioctl_64_bit.go b/ioctl_64_bit.go
-index 6f61a6c..f1e2dd8 100644
---- a/ioctl_64_bit.go
-+++ b/ioctl_64_bit.go
-@@ -1,4 +1,4 @@
--// Copyright 2017 Northern.tech AS
-+// Copyright 2018 Northern.tech AS
- //
- //    Licensed under the Apache License, Version 2.0 (the "License");
- //    you may not use this file except in compliance with the License.
-@@ -12,7 +12,7 @@
- //    See the License for the specific language governing permissions and
- //    limitations under the License.
- 
--// +build amd64 arm64
-+// +build amd64 arm64 ppc64le
- 
- package main
- 
--- 
-2.17.1
-

buildroot/package/mender/S42mender

@@ -0,0 +1,56 @@
+#!/bin/sh
+#
+# Starts mender service.
+#
+
+start() {
+	# If /var/lib/mender is a symlink to /var/run/mender, and
+	#   - the filesystem is RO (i.e. we can not rm the symlink),
+	#     create the directory pointed to by the symlink.
+	#   - the filesystem is RW (i.e. we can rm the symlink),
+	#     replace the symlink with an actual directory
+	if [ -L /var/lib/mender \
+	     -a "$(readlink /var/lib/mender)" = "/var/run/mender" ]
+	then
+		if rm -f /var/lib/mender >/dev/null 2>&1; then
+			mkdir -p /var/lib/mender
+		else
+			echo "No persistent location to store mender data. Data will be lost"
+			echo "at reboot. Are you sure this is what you want to do?"
+			mkdir -p "$(readlink /var/lib/mender)"
+		fi
+	fi
+
+	printf "Starting mender service: "
+	umask 077
+
+	start-stop-daemon -S -q -b -m -p /var/run/mender.pid \
+		--exec /usr/bin/mender -- -daemon
+	[ $? = 0 ] && echo "OK" || echo "FAIL"
+}
+stop() {
+	printf "Stopping mender service: "
+	start-stop-daemon -K -q -p /var/run/mender.pid
+	[ $? = 0 ] && echo "OK" || echo "FAIL"
+}
+restart() {
+	stop
+	start
+}
+
+case "$1" in
+	start)
+		start
+		;;
+	stop)
+		stop
+		;;
+	restart|reload)
+		restart
+		;;
+	*)
+		echo "Usage: $0 {start|stop|restart}"
+		exit 1
+esac
+
+exit $?

buildroot/package/mender/artifact_info

@@ -0,0 +1 @@
+artifact_name=BUILDROOT_ARTIFACT

buildroot/package/mender/device_type

@@ -0,0 +1 @@
+device_type=BUILDROOT_DEVICE

buildroot/package/mender/mender.conf

@@ -2,8 +2,8 @@
   "InventoryPollIntervalSeconds": 1800,
   "UpdatePollIntervalSeconds": 1800,
   "RetryPollIntervalSeconds": 300,
-  "RootfsPartA": "mmcblk0p2",
-  "RootfsPartB": "mmcblk0p3",
+  "RootfsPartA": "/dev/mmcblk0p2",
+  "RootfsPartB": "/dev/mmcblk0p3",
   "ServerCertificate": "/etc/mender/server.crt",
   "ServerURL": "https://docker.mender.io",
   "TenantToken": "dummy"

buildroot/package/mender/mender.hash

@@ -1,14 +1,14 @@
 # Locally computed:
-sha256 267fa73ad472b034248ee298593b5c52ea0b105fd73c91febb3587280c61bee2 mender-1.4.0.tar.gz
+sha256 caee18d1b8446df0cbb9a9c5a1c040d7eb1924332da94c3489494443a8077eb8 1.7.0.tar.gz
 
 # Apache-2.0 license, locally computed
-sha256 ceb1b36ff073bd13d9806d4615b931707768ca9023805620acc32dd1cfc2f680 LICENSE
+sha256 98ed35b5a138f58164b5c0dbccd9d7f01ef4d84b9dba01e896f0a3241c50c0f7 LICENSE
 
 # Vendor licenses
 # Generated with sed '/^[A-Za-z0-9_]/s/^/sha256  /' LIC_FILES_CHKSUM.sha256
 
 # Apache-2.0 license.
-sha256 ceb1b36ff073bd13d9806d4615b931707768ca9023805620acc32dd1cfc2f680  vendor/github.com/mendersoftware/mendertesting/LICENSE
+sha256 98ed35b5a138f58164b5c0dbccd9d7f01ef4d84b9dba01e896f0a3241c50c0f7  vendor/github.com/mendersoftware/mendertesting/LICENSE
 sha256 3591f687e2d6f49c83b1ec69577e8110afbde80be5ec81791bd86d2838ccd3de  vendor/github.com/mendersoftware/log/LICENSE
 sha256 bbb303820971c294a9a8e5eba5affcf1379036e877ea61c11cbf9400b2949483  vendor/github.com/mendersoftware/log/COPYING
 sha256 3591f687e2d6f49c83b1ec69577e8110afbde80be5ec81791bd86d2838ccd3de  vendor/github.com/mendersoftware/scopestack/LICENSE
@@ -38,4 +38,4 @@ sha256 ffa15bdce332058a03a1d923910864fb6e58bf6df66a0e3914284725b327183e  vendor/
 sha256 310fe25c858a9515fc8c8d7d1f24a67c9496f84a91e0a0e41ea9975b1371e569  vendor/github.com/bmatsuo/lmdb-go/LICENSE.mdb.md
 
 # sha256 of all the vendor licenses combined
-sha256 54d6f54a2815cc2e3cef4f7dde5a3aae20f09b2cde394d8d3f1dce5d8a79d738 LIC_FILES_CHKSUM.sha256
+sha256 b84b543cab0505452982422783c0e68b7bfa0a1de4a625753d325e0a8b2dacb1 LIC_FILES_CHKSUM.sha256

buildroot/package/mender/mender.mk

@@ -4,8 +4,9 @@
 #
 ################################################################################
 
-MENDER_VERSION = 1.4.0
-MENDER_SITE = $(call github,mendersoftware,mender,$(MENDER_VERSION))
+MENDER_VERSION = 1.7.0
+MENDER_SITE = https://github.com/mendersoftware/mender/archive
+MENDER_SOURCE = $(MENDER_VERSION).tar.gz
 MENDER_LICENSE = Apache-2.0, BSD-2-Clause, BSD-3-Clause, ISC, MIT, OLDAP-2.8
 
 # Vendor license paths generated with:
@@ -45,10 +46,19 @@ define MENDER_INSTALL_CONFIG_FILES
 
 	$(INSTALL) -D -m 0755 $(@D)/support/mender-device-identity \
 		$(TARGET_DIR)/usr/share/mender/identity/mender-device-identity
-	$(foreach f,hostinfo network, \
+	$(foreach f,hostinfo network os rootfs-type, \
 		$(INSTALL) -D -m 0755 $(@D)/support/mender-inventory-$(f) \
 			$(TARGET_DIR)/usr/share/mender/inventory/mender-inventory-$(f)
 	)
+
+	$(INSTALL) -D -m 0755 package/mender/artifact_info \
+			$(TARGET_DIR)/etc/mender/artifact_info
+
+	$(INSTALL) -D -m 0755 package/mender/device_type \
+			$(TARGET_DIR)/etc/mender/device_type
+
+	mkdir -p $(TARGET_DIR)/var/lib
+	ln -snf /var/run/mender $(TARGET_DIR)/var/lib/mender
 endef
 
 MENDER_POST_INSTALL_TARGET_HOOKS += MENDER_INSTALL_CONFIG_FILES
@@ -61,4 +71,9 @@ define MENDER_INSTALL_INIT_SYSTEMD
 		$(TARGET_DIR)/etc/systemd/system/multi-user.target.wants/mender.service
 endef
 
+define MENDER_INSTALL_INIT_SYSV
+	$(INSTALL) -D -m 755 package/mender/S42mender \
+		$(TARGET_DIR)/etc/init.d/S42mender
+endef
+
 $(eval $(golang-package))

buildroot/package/mender/mender.service

@@ -6,7 +6,17 @@ After=systemd-resolved.service
 Type=idle
 User=root
 Group=root
-ExecStartPre=/bin/mkdir -p -m 0700 /data/mender
+ExecStartPre=/bin/sh -c '\
+if [ -L /var/lib/mender \
+     -a "$(readlink /var/lib/mender)" = "/var/run/mender" ]; then \
+    if rm -f /var/lib/mender >/dev/null 2>&1; then \
+        mkdir -p /var/lib/mender; \
+    else \
+        echo "No persistent location to store mender data. Data will be lost" \
+        echo "at reboot. Are you sure this is what you want to do?"; \
+        mkdir -p "$(readlink /var/lib/mender)"; \
+    fi; \
+fi'
 ExecStart=/usr/bin/mender -daemon
 Restart=on-abort
 

buildroot/package/mender/readme.txt

@@ -0,0 +1,154 @@
+=== Notes on using Mender on Buildroot
+======================================
+
+Mender is an open source over-the-air (OTA) software updater for
+embedded Linux devices. Mender comprises a client running at the
+embedded device, as well as a server that manages deployments across
+many devices. There is also various tooling around the Mender project,
+such as 'mender-artifact' which is used to create Mender Artifacts
+that are compatible with the Mender client and server.
+
+Mender aims to address this challenge with a robust and easy to use
+updater for embedded Linux devices, which is open source and available
+to anyone.
+
+Robustness is ensured with atomic image-based deployments using a dual
+A/B rootfs partition layout. This makes it always possible to roll
+back to a working state, even when losing power at any time during the
+update process.
+
+The official documentation is a good resource to get an in depth
+understanding of how Mender works:
+
+    https://docs.mender.io
+
+In Buildroot the following packages are provided:
+
+- BR2_PACKAGE_MENDER
+    - This will install the client on target rootfs
+- BR2_PACKAGE_HOST_MENDER_ARTIFACT
+    - This will install the 'mender-artifact' tool in host rootfs.
+
+To fully utilize atomic image-based deployments using the A/B update
+strategy, additional integration is required in the bootloader. This
+integration is board specific.
+
+Currently supported bootloaders are GRUB and U-boot, and for reference
+integrations please visit:
+
+    https://github.com/mendersoftware/buildroot-mender
+
+Default configurations files
+----------------------------
+
+Buildroot comes with a default configuration and there a couple of
+files that need your attention:
+
+- /etc/mender/mender.conf
+    - main configuration file for the Mender client
+    - https://docs.mender.io/client-configuration/configuration-file/configuration-options
+
+- /etc/mender/artifact_info
+    - The name of the image or update that will be built. This is what the
+      device will report that it is running, and different updates must have
+      different names
+
+- /var/lib/mender/device_type
+    - A string that defines the type of device
+
+Mender server configuration
+---------------------------
+
+The Mender server can be setup in different ways, and how you
+configure the Mender client differs slightly depending on which server
+environment is used.
+
+- Mender demo environment
+
+This is if you have followed the Getting started documentation where
+you launch a Mender server locally and to configure your environment
+to connect to this local server you need to provide the IP address of
+the server on the local network.
+
+By default the demo environment will connect to 'docker.mender.io' and
+'s3.docker.mender.io' and we need to make sure that these are resolved
+to the local IP address of the running server by adding the following
+entry to '/etc/hosts'
+
+    <ip address of demo environment> docker.mender.io s3.docker.mender.io
+
+This is required because the communication between client and server
+is utilizing TLS and the provided demo server certificate (server.crt)
+is only valid for 'docker.mender.io' and 's3.docker.mender.io'
+domains.
+
+- Hosted Mender
+
+To authenticate the Mender client with the Hosted Mender server you
+need a tenant token.
+
+To get your tenant token:
+
+- log in to https://hosted.mender.io
+- click your email at the top right and then “My organization”
+- press the “COPY TO CLIPBOARD”
+- assign content of clipboard to TenantToken
+
+Example mender.conf options for Hosted Mender:
+
+    {
+      ...
+      "ServerURL": "https://hosted.mender.io",
+      "TenantToken": "<paste tenant token here>"
+      ...
+    }
+
+
+Creating Mender Artifacts
+-------------------------
+
+To create Mender Artifacts based on Buildroot build output you must
+include BR2_PACKAGE_HOST_MENDER_ARTIFACT in your configuration, and
+then you would typically create the Mender Artifact in a post image
+script (BR2_ROOTFS_POST_IMAGE_SCRIPT). Below is an example of such a
+script:
+
+    #!/bin/sh
+
+    set -e
+    set -x
+
+    device_type=$(cat ${TARGET_DIR}/var/lib/mender/device_type | sed 's/[^=]*=//')
+    artifact_name=$(cat ${TARGET_DIR}/etc/mender/artifact_info | sed 's/[^=]*=//')
+
+    if [ -z "${device_type}" ] || [ -z "${artifact_name}" ]; then
+        echo "missing files required by Mender"
+        exit 1
+    fi
+
+    ${HOST_DIR}/usr/bin/mender-artifact write rootfs-image \
+        --update ${BINARIES_DIR}/rootfs.ext4 \
+        --output-path ${BINARIES_DIR}/${artifact_name}.mender \
+        --artifact-name ${artifact_name} \
+        --device-type ${device_type}
+
+As you can see some properties are extracted from target rootfs, and
+this is because these values are used for compatibility checks,
+meaning that the information must be present in both rootfs and in
+Mender Artifact meta data.
+
+- device_type - must be an exact match between rootfs and Mender
+                Artifact meta-data to apply update. You can set an
+                array of devices here as well, e.g if your image is
+                compatible with multiple hardware revisions
+
+- artifact_name - must be an exact match between rootfs and Mender
+                  Artifact meta-data to apply update.
+
+Configuring Mender with certificates
+------------------------------------
+
+Mender uses TLS to communicate with the management server, and if you
+use a CA-signed certificate on the server, you must include
+BR2_PACKAGE_CA_CERTIFICATES in your configuration to authenticate TLS
+connections.